Security Series Part 6: Unleashing the Power of Big Data through Secure APIs

Quite often what makes an organization unique can be found in the volumes of data it has stored and hidden from the outside world. But while access is prevented and data is protected, new revenue streams are prohibited. Please join us to learn how securely externalizing your core Big Data assets through a Secure API Data Lens can result in new business models and revenue streams never attainable until now.

In Part 1, we examined what GDPR is, what the requirements are and how organizations will be impacted. In Part 2, our panel will discuss more on the potential impacts of GDPR across a typical organization (including assessments, encryption, audit & controls and the impact to each department, from finance to marketing) and what the organization should be doing to plan for GDPR. Join (ISC)² on March 27, 2018 at 1:00PM Eastern, as (ISC)² discusses these topics and answers questions from the audience about this important and looming regulation.

May 25, 2018 is coming like a freight train. The General Data Protection Regulation (GDPR) goes into effect on that date, and organizations of all sizes (that collect data from EU residents) need to be ready for this new regulation. With the new regulation, the definition of personal data has been expanded and it applies to wherever data is sent, processed or stored. On March 13, 2018 at 1:00PM Eastern, (ISC)² kicks off the 1st part of the 2-part webcast where we will focus on what is GDPR, what the requirements are and how organizations will be impacted. Part 2 will expand on potential impacts and examine what organizations should be putting into their planning for GDPR.

Security is an essential element of any application and increasingly critical for API-driven architectures in hybrid and public cloud environments. New threats and vulnerabilities emerge constantly, and enterprises find themselves struggling to protect these APIs from attacks. Join Imperva and (ISC)2 for Part 2 of our Security Briefings series on March 8, 2018 at 1:00PM Eastern where we will discuss proven approaches to making API security a priority through understanding how common types of attacks such as distributed denial of service (DDoS) can target APIs, what are the steps to proactively secure development frameworks, and how to enforce identity across enterprise environments.

Our modern world depends on healthy, functioning, IoT devices. Unfortunately many of them are terribly insecure. Cyber attackers know this and have been aggressively compromising IoT devices for years. For the past two years, F5 Labs has been tracking cyber attackers as they hunt, infect, and build “Thingbots” - botnets made from IoT devices. This hunt has developed sizable thingbots like the infamous Mirai, and many others that have the capability to launch globally destructive attacks. These attacks can significantly impact modern life because of IoT’s presence within power systems, transportation systems, airport monitors, emergency warning systems, and security cameras. Join F5 and (ISC)2 on March 1, 2018 at 1:00PM Eastern for the 2nd Part of our three part Security Briefings series where we’ll explore the threat actors behind these attacks, the geographical targets of their attacks, how they are evolving their attack methods, and the types of devices impacted. We’ll include tips on how to start protecting yourself personally, and what you should be doing to protect your businesses.

Bots. They generate over half of the internet traffic and over half of the bots are malicious (or of questionable value). Bots can make your systems vulnerable to scraping bots, account takeover bots, impersonators, spammers and hackers. On February 8, 2018 at 1:00PM Eastern, Impreva will share data gathered from their security research team about the most recent bot trends, how bot traffic is changing, where it’s coming from, and the top actions you should be taking to mitigate the effects of bad bots on your websites. Join us for Part 1 of a 3 Part Security Briefings series and understand how commercial services take a multi-layer approach to bot mitigation and management and whether one of these services may be appropriate for you.

Web application security is complex, difficult, and costly. These issues are well known, but remain prevalent out in the real world. Most development teams do not have the time or resources to sufficiently protect against the myriad of attacks that are relevant to each vector, while the level of expertise required to address these issues are difficult to come by even if your project has the time and budget for it. The good news is that advanced WAF technology is more accessible and affordable than ever before. With the right tools, comprehensive WAF coverage can not only reduce your exposures and give you better control over your applications but also help optimize your resources and reduce overall operating costs. Join F5 and (ISC)2 for Part 1 of a 3 part Security Briefings Series on February 1, 2018 at 1PM Eastern where we’ll discuss the OWASP Top 10, defenses for everything it addresses and how to use WAF to optimize and filter unwanted traffic to cut costs in the cloud.

The application economy is altering the way we live, work, and interact. As a result, organizations are transforming the way they provide services to customers, employees, and partners. But no matter how these services are accessed, a fundamental concern remains: How does an organization protect sensitive data, while still allowing a frictionless and enjoyable user experience?Join David Duncan, VP, Security of CA Technologies and (ISC)2 on Thursday, January 11, 2018 at 1:00PM Eastern for examination of the cybersecurity risks that can result from application development and what it takes to future-proof business trust.

Access to and within DevOps environments have proliferated over the past few years, with both users and scripts (with embedded credentials). This privileged identity sprawl poses significant risks that need to be addressed.Join CA Technologies and (ISC)2 on December 7, 2017 at 1:00PM Eastern. In this session, we'll look at the technology and approach that CA takes to secure such environments.

Do you have a minute? 1 minute 40 seconds to be exact? That’s the median time-to-first-click in most phishing expeditions. While we celebrate all that humans can accomplish with the help of technology, we must also be cognizant of the dangers affiliated with humans and technology. How can you as a leader educate your people? How can you encourage them to take a minute to THINK before clicking? Join Mimecast and (ISC)2 as we explore how email is being used as entry point for multiple types of attacks, the negative impact these attacks have on organizations and how to enhance your email security and overall cyber resilience.

As the volume and variety of network data increases, security tools in high-speed networks are unable to keep pace with the explosion of encrypted threats, from malware incursion to data exfiltration. The standard approach of decryption of traffic by each security tool no longer works. Additionally, this approach can result in performance degradation, massive inefficiencies and unnecessary expenditures by security teams. In this webcast, we’ll examine how to eliminate tool overload and high latency as well as how a “decrypt once and inspect many” approach to managing SSL traffic effectively detects hidden threats and provides greater security infrastructure resiliency.

Managing the increasing volumes of network data across expanding physical, virtual and cloud networks is a growing challenge for Enterprise IT organizations. Likewise, the increase in malware, data breaches and ransomware challenges SecOps teams to build a stronger, scalable security posture while mitigating risk. This effort overloads network security, monitoring and analysis tools, as well as the Infosecurity staff. How can an organization access and utilize critical network information and use the metadata generated to turbo charge incident detection and response? In this webcast, we’ll examine how to reduce time-to-threat detection by analyzing metadata traffic, using proactive, real-time traffic monitoring vs. reactive forensics, to protect increasingly complex networks.

Organizations continue to move to the public cloud in large numbers, but they often do not understand the implications of the shared responsibility model. The question is: “who is responsible for security of the cloud versus security in the cloud”? This webcast will address this question, look at SLAs for mission-critical workflows to the cloud, as well as how to assure compliance and accelerate the on-boarding of critical applications.

With the eruption of connected devices and the Internet of Things, cybersecurity professionals have a lot on their plates. More connected devices equates to more traffic, more attack routes, more attempts at cybersecurity breaches, and a lot more data that needs to be analyzed. As the volume of intrusions and breaches multiple, Artificial Intelligence (A.I.) may be able to provide a tool to gain defensive advantage for government agencies. Join John McCumber, (ISC)2’s Director of Cybersecurity Advocacy and Ian Doyle, IBM’s Executive Security Advisor for the U.S. Government as they discuss how to leverage these collaborative and cognitive solutions to help prevent, detect, and respond to today’s cybersecurity threats impacting your agency.

A recent research study conducted by Meritalk on the use of Artificial Intelligence (A.I.) asked federal cybersecurity professionals to share their views on the use of AI to enhance a cybersecurity analyst’s ability to identify and understand sophisticated threats, by tapping into unstructured data and correlating it with local cybersecurity offenses. What are the cybersecurity implications within the Federal Government for the rise of A.I.? What role can A.I. play in incident response? Can it help prepare agencies for real-world cyber attack scenarios? Join John McCumber, (ISC)2’s Director of Cybersecurity Advocacy and Ian Doyle, IBM’s Executive Security Advisor for the U.S. Government for an examination of the recent study and results.

Your organization and people are being targeted by cyber criminals, hackers and even state-sponsored threat actors and learn how email is a key vector at the heart of this new threat. Join Mimecast and (ISC)2 for an intriguing presentation when you’ll discover and view examples of the various tools attackers leverage to expose your organization with a combination of technology, psychology, and the simplest of methods to "Hack a Human." We’ll also examine the current threat landscape using email attacks and how social engineering has become “malware-less”.

Organizations in the healthcare industry handle data more sensitive (and valuable) than that of companies in perhaps any other sector. Because of this, those organizations need to demonstrate a heightened standard of data security and privacy. To ensure this, the U.S. has enacted the Health Insurance Portability and Accountability Act of 1996 (HIPAA). While use of the cloud affords organizations greater efficiency, it also complicates issues of security and regulatory compliance. But the good news is that solutions that enable cloud and security are available. Join Bitglass and (ISC)2 on November 2, 2017 at 1:00PM Eastern to learn about the requirements of HIPAA and the specific security capabilities that healthcare firms need in order to meet compliance requirements.

Faced with more stringent compliance requirements, driven by GDPR and other regulations, coupled with the difficulties to maintain an effective security profile in dynamic threat environment, many organizations are looking for a new way to manage their data protection. Guided by the ease of use and affordability of as-a-service offerings, organizations are looking to the cloud for answers. Proven efficient for a range of solutions from authentication to networking, the next cloud-based security frontier is revolutionizing the way companies and their service providers manage complex key management and encryption solutions. Simpler, more cost-effective, on-demand options that allow the organization to focus on its business, knowing that their data is securely under control, and only they have the keys to their kingdom, is set to redefine the way organizations do data protection today.

More and more enterprises are moving their applications into public and private cloud infrastructure. The cloud is becoming more appealing for enterprises as it facilitates business growth due its agility, resiliency and scalability. The advent of a variety of technologies and processes such as containers, micro-services, and DevOps has made rolling out new applications into the cloud very quick and desirable for development teams. Join Imperva and (ISC)2 for an examination of how enterprises move applications to the cloud without forgetting to put security first.

With the proliferation of cloud deployment options and platforms, management of application security across platforms has become a major problem for security teams. In this webinar, we address challenges posed by cloud proliferation, and how to approach development of a consistent security posture across platforms to better manage risks.

As more workloads are moved to cloud infrastructure, unique security challenges arise. Join Imperva and (ISC)2 for this webinar where we'll discuss some of the tradeoffs for on-prem and cloud app security, strategies for approaching security in hybrid environments, and the importance of flexible deployment models.